The variety of malware on the Internet is ever-growing. One such variant of malware is ransomware, which attempts to encrypt important files on a user's computing system and then holds the encrypted files for ransom. If the user does not pay the ransom, the important files remain encrypted and may be impossible for the user to access. CryptoLocker is an example of ransomware that encrypts a user's file systems and demands a ransom in exchange for a decryption key.
Unfortunately, the encryption of a user's files by ransomware may result in data loss, even when the user's computing system is configured to back up the files to another storage location (e.g., using a cloud-based storage service). For example, the encryption of a user's files by ransomware may affect backups of the files because typical backup systems simply mirror the user's files to another storage location. Under these circumstances if a user's computing system comes under a ransomware attack and files stored at the computing system are encrypted, a typical backup system may backup the encrypted files to another storage location leaving the user with two copies of the user's files in an encrypted and inaccessible state and no copies of the user's files in an unencrypted and accessible state. The instant disclosure, therefore, identifies and addresses a need for improved systems and methods for protecting backed-up data from ransomware attacks.